@@ -53,9 +53,9 @@ func NewListener(config *config.Config, logger *slog.Logger, icingaClient *icing
5353 mux := http .NewServeMux ()
5454 // Register all handler functions here to have a central overview of the API
5555 mux .HandleFunc ("GET /healthz" , l .handleHealthy )
56- mux .HandleFunc ("POST /webhook" , l .handleIncomingAlert )
56+ mux .HandleFunc ("POST /webhook" , authHandler ( l .handleIncomingAlert , config . BearerToken ) )
5757
58- l .mux = authHandler ( mux , config . BearerToken )
58+ l .mux = mux
5959
6060 return l
6161}
@@ -115,25 +115,25 @@ func (l *Listener) Run(ctx context.Context) error {
115115
116116// authHandler is a Middleware for handling authorization.
117117// We currently only need Bearer token authorization, since we don't have complex actions in the API.
118- func authHandler (next http.Handler , expectedToken string ) http.Handler {
118+ func authHandler (f func ( http.ResponseWriter , * http. Request ), expectedToken string ) http.HandlerFunc {
119119 return http .HandlerFunc (func (w http.ResponseWriter , r * http.Request ) {
120120 // Get the Authorization Header from the request
121121 authHeader := r .Header .Get ("Authorization" )
122122
123123 scheme , receivedToken , found := strings .Cut (authHeader , " " )
124124
125125 if ! found || ! strings .EqualFold (scheme , "Bearer" ) || receivedToken == "" {
126- http .Error (w , "malformed authorization header" , http .StatusUnauthorized )
126+ http .Error (w , "unauthorized. missing or malformed authorization header" , http .StatusUnauthorized )
127127 return
128128 }
129129
130130 if receivedToken != expectedToken {
131- http .Error (w , "invalid token" , http .StatusUnauthorized )
131+ http .Error (w , "unauthorized. invalid token" , http .StatusUnauthorized )
132132 return
133133 }
134134
135135 // Pass down the request to the next middleware or handler
136- next . ServeHTTP (w , r )
136+ f (w , r )
137137 })
138138}
139139
0 commit comments